CHAPTER 9
CONFIDENTIALITY AND PRIVACY CONTROLS
SUGGESTED ANSWERS TO DISCUSSION QUESTIONS
9.1 From the viewpoint of the customer, what are the advantages and disadvantages to
the opt-in versus the opt-out approaches to collecting personal information? From
the viewpoint of the organization desiring to collect such information?
9.2 What risks, if any, does offshore outsourcing of various information systems
functions pose to satisfying the principles of confidentiality and privacy?
Outsourcing is and will likely continue to be a topic of interest. One question that may
facilitate discussion is to ask the students if once a company sends some operations
offshore, does the outsourcing company still have legal control over their data or do the
laws of the off shore company dictate ownership? Should the outsourcing company be
liable in this country for data that was lost or compromised by an outsourcing offshore
partner?
9.3 Upon your request (with proper verification of your identity) should organizations
be required to delete personal information about you that they possess?
This question addresses the issue of the “right to be forgotten”. Responses are likely to
vary, but you may want to make sure to cover the following points
9.4 What privacy concerns might arise from the use of biometric authentication
techniques? What about the embedding of RFID tags in products such as clothing?
What other technologies might create privacy concerns?
9.5 What do you think an organization’s duty or responsibility should be to protect the
privacy of its customers’ personal information? Why?
9.6 Assume you have interviewed for a job online and now receive an offer of
employment. The job requires you to move across the country. The company sends
you a digital signature along with the contract. How does this provide you with
enough assurance to trust the offer so that you are willing to make the move?
SUGGESTED SOLUTIONS TO THE PROBLEMS
9.1 Match the terms with their definitions:
1. _d__ Virtual Private
Network (VPN)
a. A hash encrypted with the creator’s private key
2. _k__ Data Loss
Prevention (DLP)
b. A company that issues pairs of public and private keys and
verifies the identity of the owner of those keys.
3. _a__ Digital signature
c. A secret mark used to identify proprietary information.
4. _j__ Digital certificate
d. An encrypted tunnel used to transmit information securely
across the Internet.
5. _e__ Data masking
e. Replacing real data with fake data.
6. _p__ Symmetric
encryption
f. Unauthorized use of facts about another person to commit
fraud or other crimes.
7. __h_ Spam
g. The process of turning ciphertext into plaintext.
8. __i_ Plaintext
h. Unwanted e-mail.
9. _l__ Hashing
i. A document or file that can be read by anyone who accesses
it.
10. _m_Ciphertext
j. Used to store an entity’s public key, often found on web sites.
11. _r__Information rights
management (IRM)
k. A procedure to filter outgoing traffic to prevent confidential
information from leaving.
12. _b_ Certificate authority
l. A process that transforms a document or file into a fixed
length string of data.
13. _q__ Non-repudiation
m. A document or file that must be decrypted to be read.
14. _c__ Digital watermark
n. A copy of an encryption key stored securely to enable
decryption if the original encryption key becomes
unavailable.
15. _o__ Asymmetric
encryption
o. An encryption process that uses a pair of matched keys, one
public and the other private. Either key can encrypt
something, but only the other key in that pair can decrypt it.
16. _n_ Key escrow
p. An encryption process that uses the same key to both encrypt
and decrypt.
q. The inability to unilaterally deny having created a document
or file or having agreed to perform a transaction.
r. Software that limits what actions (read, copy, print, etc.)
users granted access to a file or document can perform.
9.2 Cost-effective controls to provide confidentiality require valuing the information
that is to be protected. This involves classifying information into discrete categories.
Propose a minimal classification scheme that could be used by any business, and
provide examples of the type of information that would fall into each of those
categories.
The exact hash values will differ depending upon the program used to create the text
documents (e.g., Word versus Notepad). Below are SHA-256 hashes of files created in
Word for Windows 2007 on a computer running Windows 7:
This is the reason that hashes are so important they provide a way to test the “integrity”
of a file. If two files are supposed to be identical, but they have different hash values,
the same text, but a different hash value because Word incorporates system data when
saving the file:
Word document for part a:
866af63d78f6546b95e48919e9007309b1cd646da384035c5e6f4790b90cbf24
Word document for part e:
9.4 Accountants often need to print financial statements with the words
“CONFIDENTIAL” or “DRAFT” appearing in light type in the background.
a. Create a watermark with the word “CONFIDENTIAL” in a Word document.
Print out a document that displays that watermark.
In Word, the Page Layout menu contains an option to create a watermark.
When you click on the Watermark choice, a drop-down menu presents an array of built-in
options for using the word “Confidential” as a watermark.
b. Create the same watermark in Excel and print out a spreadsheet page that
displays that watermark.
Excel does not have a built-in watermark facility. However, if you search for information
about watermarks in Excel’s help function, you learn that you have two options:
.